package com.hksj.Intelligentmanagement.auth.expression;

import com.hksj.Intelligentmanagement.auth.entity.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

@Component("cer")
public class CustomExpressionRoot {

    //自定义鉴权

    // 当前用户具有该权限才可以访问
    public boolean hasAuthority(String authority){
        //获取当前用户的权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        //判断用户权限集合中是否存在authority
        return permissions.contains(authority);
    }

    //当前用户具有多个权限中其中一个即可访问
    public boolean hasAnyAuthority(String ... authorities){
        //获取当前用户的权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();

        //判断该用户是否具有多个权限中其中一个
        for (String authority : authorities) {
            if (permissions.contains(authority)){
                return true;
            }
        }
        return false;
    }

    //当前用户具有该角色才可以访问
    public boolean hasRole(String role){
        //获取当前用户的角色集合

        return true;
    }

    //当前用户具有多个权限中其中一个即可访问
    public boolean hasAnyRole(String ...roles){
        //获取当前用户的角色集合

        return true;
    }
}
